ads 728x90

Google warns of vulnerability in SSL 3.0

A vulnerability has been discovered in SSL 3.0. Google invites users to abandon this protocol encryption to protect their data.

The SSL 3.0 protocol is almost 15 years old, but it remains widespread, and is compatible with all browsers. According to security experts from Google, this protocol contains a weakness (listed under the name CVE-2014-3566) that allows attackers to access secure online services without needing to know the password of a user. Compared to a fault as Heartbleed, the threat seems less, but it should be taken into account, especially in the workplace.

Google invites users to integrate TLS_FALLBACK_SCSV tool to prevent websites to switch to SSL 3.0, and thus to prevent hackers from intercepting confidential data.
SSL 3.0 should be permanently removed by Google teams in the coming months.